Kubernetes Charm Libraries

Canonical Telco

Channel: latest/edge
Revision: 55
Published: 28 Oct 2024
Runs on: Ubuntu 22.04

juju deploy kubernetes-charm-libraries --channel edge

charms.kubernetes_charm_libraries.v0.multus

Charm Library used to leverage the Multus Kubernetes CNI in charms.

Usage

from typing import List

from charms.kubernetes_charm_libraries.v0.multus import (
    KubernetesMultusCharmLib,
    NetworkAnnotation,
    NetworkAttachmentDefinition,
)
from ops import RemoveEvent
from ops.charm import CharmBase
from ops.framework import EventBase
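from ops.main import main

# Placeholder names for illustration; replace with the values your charm uses.
ACCESS_NETWORK_ATTACHMENT_DEFINITION_NAME = "access-net"
ACCESS_INTERFACE_NAME = "access"
ACCESS_INTERFACE_BRIDGE_NAME = "access-br"
CORE_NETWORK_ATTACHMENT_DEFINITION_NAME = "core-net"
CORE_INTERFACE_NAME = "core"
CORE_INTERFACE_BRIDGE_NAME = "core-br"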


class YourCharm(CharmBase):

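    def __init__(self, *args):
        super().__init__(*args)
        # Name of the workload container to patch (placeholder value).
        self._bessd_container_name = "bessd"
        self._kubernetes_multus = KubernetesMultusCharmLib(
            # Adds the NET_ADMIN capability to the container.
            cap_net_admin=True,
            namespace=self.model.name,
            statefulset_name=self.model.app.name,
            # Unit "app/0" runs in pod "app-0".
            pod_name="-".join(self.model.unit.name.rsplit("/", 1)),
            container_name=self._bessd_container_name,
            network_annotations=self._generate_network_annotations(),
            network_attachment_definitions=self._network_attachment_definitions_from_config(),
            # Runs the container with a privileged security context.
            privileged=True,
        )

        self.framework.observe(self.on.update_status, self._on_update_status)
        # Register the remove handler so the patch and NADs are cleaned up.
        self.framework.observe(self.on.remove, self._on_remove)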

    def _on_update_status(self, event: EventBase):
        self._kubernetes_multus.configure()

    def _on_remove(self, _: RemoveEvent) -> None:
        self._kubernetes_multus.remove()

    def _generate_network_annotations(self) -> List[NetworkAnnotation]:
        return [
            NetworkAnnotation(
                name=ACCESS_NETWORK_ATTACHMENT_DEFINITION_NAME,
                interface_name=ACCESS_INTERFACE_NAME,
                bridge_name=ACCESS_INTERFACE_BRIDGE_NAME,
            ),
            NetworkAnnotation(
                name=CORE_NETWORK_ATTACHMENT_DEFINITION_NAME,
                interface_name=CORE_INTERFACE_NAME,
                bridge_name=CORE_INTERFACE_BRIDGE_NAME,
            ),
        ]

    def _network_attachment_definitions_from_config(self) -> List[NetworkAttachmentDefinition]:
        return [
            NetworkAttachmentDefinition(
                name=ACCESS_NETWORK_ATTACHMENT_DEFINITION_NAME,
                cni_type="macvlan",
                network_name=self.config["access_network_name"],
            ),
            NetworkAttachmentDefinition(
                name=CORE_NETWORK_ATTACHMENT_DEFINITION_NAME,
                cni_type="macvlan",
                network_name=self.config["core_network_name"],
            ),
        ]


if __name__ == "__main__":
    main(YourCharm)

class NetworkAttachmentDefinition

Description

Object to represent Kubernetes Multus NetworkAttachmentDefinition.

Methods

NetworkAttachmentDefinition.__eq__(self, other)

Description

Validates equality between two NetworkAttachmentDefinition objects.

class NetworkAnnotation

Description

NetworkAnnotation.

Methods

NetworkAnnotation.dict(self)

Returns a NetworkAnnotation in the form of a dictionary.

Returns

dict

Dictionary representation of the NetworkAnnotation

class KubernetesMultusError

Description

KubernetesMultusError.

Methods

KubernetesMultusError.__init__(self, message: str)

class KubernetesClient

Description

Class containing all the Kubernetes-specific calls.

Methods

KubernetesClient.__init__(self, namespace: str)

KubernetesClient.delete_pod(self, pod_name: str)

Deletes the given pod.

Arguments

pod_name (str)

Pod name

KubernetesClient.pod_is_ready(self, pod_name: str)

Returns whether the pod has the requisite network annotation and NET_ADMIN capability.

Arguments

pod_name

Pod name

network_annotations

List of network annotations

container_name

Container name

cap_net_admin

Container requires NET_ADMIN capability

privileged

Container requires privileged security context

Returns

bool

Whether pod is ready.

KubernetesClient.network_attachment_definition_is_created(self, network_attachment_definition: NetworkAttachmentDefinition)

Returns whether a NetworkAttachmentDefinition is created.

Arguments

network_attachment_definition

NetworkAttachmentDefinition

Returns

bool

Whether the NetworkAttachmentDefinition is created

KubernetesClient.create_network_attachment_definition(self, network_attachment_definition: GenericNamespacedResource)

Creates a NetworkAttachmentDefinition.

Arguments

network_attachment_definition

NetworkAttachmentDefinition object

KubernetesClient.list_network_attachment_definitions(self)

Lists NetworkAttachmentDefinitions in a given namespace.

Returns

list[NetworkAttachmentDefinition]

List of NetworkAttachmentDefinitions

KubernetesClient.delete_network_attachment_definition(self, name: str)

Deletes a NetworkAttachmentDefinition based on its name.

Arguments

name

NetworkAttachmentDefinition name

KubernetesClient.patch_statefulset(self, name: str, network_annotations, container_name: str, cap_net_admin: bool, privileged: bool)

Patches a statefulset with Multus annotation and NET_ADMIN capability.

Arguments

name

Statefulset name

network_annotations

List of network annotations

container_name

Container name

cap_net_admin

Container requires NET_ADMIN capability

privileged

Container requires privileged security context

KubernetesClient.unpatch_statefulset(self, name: str, container_name: str)

Removes annotations, security privilege and NET_ADMIN capability from the statefulset.

Arguments

name

Statefulset name

container_name

Container name

KubernetesClient.statefulset_is_patched(self, name: str, network_annotations, container_name: str, cap_net_admin: bool, privileged: bool)

Returns whether the statefulset has the expected Multus annotation.

Arguments

name

Statefulset name.

network_annotations

List of network annotations

container_name

Container name

cap_net_admin

Container requires NET_ADMIN capability

privileged

Container requires privileged security context

Returns

bool

Whether the statefulset has the expected Multus annotation.

KubernetesClient.multus_is_available(self)

Checks whether Multus is enabled, based on the existence of the NAD custom resource.

Returns

bool

Whether Multus is enabled

class KubernetesMultusCharmLib

Description

Class to be instantiated by charms requiring Multus networking.

Methods

KubernetesMultusCharmLib.__init__(self, network_attachment_definitions, network_annotations, namespace: str, statefulset_name: str, pod_name: str, container_name: str, cap_net_admin: bool, privileged: bool)

Constructor for the KubernetesMultusCharmLib.

Arguments

network_attachment_definitions

List of NetworkAttachmentDefinition objects to be created.

network_annotations

List of NetworkAnnotation objects to be added to the container.

namespace

Kubernetes namespace

statefulset_name

Statefulset name

pod_name

Pod name

container_name

Container name

cap_net_admin

Container requires NET_ADMIN capability

privileged

Container requires privileged security context

KubernetesMultusCharmLib.configure(self)

Description

Creates network attachment definitions and patches the statefulset.

KubernetesMultusCharmLib.is_ready(self)

Returns whether Multus is ready.

Returns

bool

Whether Multus is ready

Description

Validates that the network attachment definitions are created, that the statefulset is patched with the appropriate Multus annotations and capabilities and that the pod also contains the same annotations and capabilities.
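The kind of validation described above can be reproduced offline against a pod template, for example to confirm that only the intended container carries NET_ADMIN or a privileged security context, and that both are gone after remove(). This is an added example, not the library's own code: the function name, the sample data and the annotation entry keys are assumptions, and it assumes the standard Multus annotation key `k8s.v1.cni.cncf.io/networks`.

```python
import json

# Assumption: the standard Multus pod annotation key.
MULTUS_KEY = "k8s.v1.cni.cncf.io/networks"


def audit_pod_template(template, container_name, expected_networks,
                       cap_net_admin, privileged):
    """Return findings for a pod template dict; an empty list means it matches."""
    findings = []
    annotations = template.get("metadata", {}).get("annotations") or {}
    try:
        actual = json.loads(annotations.get(MULTUS_KEY, "[]"))
        if actual != expected_networks:
            findings.append("Multus annotation differs from expected networks")
    except json.JSONDecodeError:
        findings.append("Multus annotation is not valid JSON")

    containers = template.get("spec", {}).get("containers") or []
    if container_name not in [c.get("name") for c in containers]:
        findings.append(f"container {container_name} not found")
    for c in containers:
        name = c.get("name")
        ctx = c.get("securityContext") or {}
        added = (ctx.get("capabilities") or {}).get("add") or []
        # Only the named container may carry the elevated settings.
        want_priv = privileged and name == container_name
        want_cap = cap_net_admin and name == container_name
        if bool(ctx.get("privileged")) != want_priv:
            findings.append(f"{name}: privileged should be {want_priv}")
        if ("NET_ADMIN" in added) != want_cap:
            findings.append(f"{name}: NET_ADMIN should be {'present' if want_cap else 'absent'}")
    return findings


# Constructed sample data (not from a real cluster or from the library).
EXPECTED = [{"name": "access-net", "interface": "access"},
            {"name": "core-net", "interface": "core"}]
PATCHED = {
    "metadata": {"annotations": {MULTUS_KEY: json.dumps(EXPECTED)}},
    "spec": {"containers": [
        {"name": "charm"},
        {"name": "bessd", "securityContext": {
            "privileged": True, "capabilities": {"add": ["NET_ADMIN"]}}},
    ]},
}

if __name__ == "__main__":
    print(audit_pod_template(PATCHED, "bessd", EXPECTED, True, True))  # as configured
    print(audit_pod_template(PATCHED, "bessd", [], False, False))      # after remove()
```

Running the same check with an empty network list and both flags set to False shows what would still need to be removed from a template that was never unpatched.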

KubernetesMultusCharmLib.remove(self)

Description

Deletes network attachment definitions and removes the patch.

KubernetesMultusCharmLib.delete_pod(self)

Description

Deletes the pod.

KubernetesMultusCharmLib.multus_is_available(self)

Checks whether Multus is enabled, based on the existence of the NAD custom resource.

Returns

bool

Whether Multus is enabled